<?php

/**
 * AJAX request handling
 * @package  ajax
 * @author
 */

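// Read the three routing parameters once. They are request-controlled and are later
// used to build an include path, an ACL string and a class name, so all of them are
// validated here before anything else runs.
$directory    = isset($_REQUEST['directory']) ? $_REQUEST['directory'] : null;
$subdirectory = isset($_REQUEST['subdirectory']) ? $_REQUEST['subdirectory'] : null;
$file_name    = isset($_REQUEST['file']) ? $_REQUEST['file'] : null;

// Allow-list of top-level ajax directories.
// mod by allen.qiang 2015-01-22 FUN-AC-0028 afternoon tea: added 'dunch'
$allowed_directories = array('backend', 'shop', 'comm', 'dunch');

// The previous check only ran when `directory` was present, so a request that omitted
// the parameter skipped the allow-list altogether. A missing or non-string value
// (e.g. `directory[]=`) is now rejected, and the comparison is strict.
if (!is_string($directory) || !in_array($directory, $allowed_directories, true)) {
    die( json_encode( array( 'message' => 'Access denied.', 'code' => 400 ) ) );
}

// `subdirectory` and `file` become path segments of the file that gets loaded, so they
// must be single segments with no separators or dot sequences. `file` is also appended
// to 'ajax_' to form a class name, hence the stricter identifier-only pattern.
// NOTE(review): assumes handler directories use only letters, digits, '_' and '-';
// widen the subdirectory pattern if the project layout needs more.
if (!is_string($subdirectory) || !preg_match('/\A[A-Za-z0-9_-]+\z/', $subdirectory)
    || !is_string($file_name) || !preg_match('/\A[A-Za-z0-9_]+\z/', $file_name)) {
    die( json_encode( array( 'message' => 'Access denied.', 'code' => 400 ) ) );
}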


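if ($directory === 'backend') { // back-office (admin) ajax

    // NOTE(review): the database selector comes from a client-controlled cookie and is
    // applied before the login check below. Confirm that choosing 'crm' here cannot
    // expose anything to a caller who is not entitled to it.
    if (isset($_COOKIE['nav_name']) && $_COOKIE['nav_name'] === 'crm') {
        define('G_DB', 'crm');
    }

    // Force the backend subsite regardless of what the request supplied.
    $_REQUEST['subsite'] = 'backend';
    require ('core/shop.php');

    // NOTE(review): every handler under the 'login' subdirectory runs without the
    // login and ACL checks below, so that directory must only ever contain handlers
    // that are safe to expose unauthenticated.
    if ($subdirectory !== 'login') {

        // Check that the user is logged in.
        // $G_PGLOB is presumably set up by core/shop.php; confirm.
        if (!$G_PGLOB->isUserLogon) {
            die( json_encode( array( 'message' => '用户未登录', 'code' => 404 ) ) );
        }

        // Check the user's permission for this specific handler + operation.
        // A missing operFlg is treated as an empty string (what the old concatenation
        // produced, minus the undefined-index notice). A non-string operFlg is refused:
        // the ACL decision must be made on the same value the handler will read.
        $oper_flag = isset($_REQUEST['operFlg']) ? $_REQUEST['operFlg'] : '';
        if (!is_string($oper_flag)) {
            die( json_encode( array( 'message' => '权限不足', 'code' => 404 ) ) );
        }

        $access_url = sprintf ( 'invokingAjax-%s/%s/%s.ajax', $directory, $subdirectory, $file_name);
        $access_url .= '?operFlg=' . $oper_flag;
        if (! $G_PGLOB->acl_check ( $access_url )) {
            die( json_encode( array( 'message' => '权限不足', 'code' => 404 ) ) );
        }

    }

} else {
    // Front-end requests: only 'wap' and 'shop' are accepted as subsite, anything
    // else (including a missing or non-string value) falls back to 'shop'.
    if (!isset($_REQUEST['subsite']) || !in_array($_REQUEST['subsite'], array('wap', 'shop'), true)) {
        $_REQUEST['subsite'] = 'shop';
    }
    require ('core/shop.php');

}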

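// Locate the ajax handler file.
// All three components come from the request. Refuse anything that is not a plain
// string, and require `file` to be identifier-only because it is used both as a path
// segment and as the suffix of the class name instantiated below.
if (!is_string($directory) || !is_string($subdirectory) || !is_string($file_name)
    || !preg_match('/\A[A-Za-z0-9_]+\z/', $file_name)) {
    die( json_encode( array( 'message' => '文件不存在', 'code' => 404 ) ) );
}

$action_file_name = G_APPLICATION_BASEPATH . sprintf('invokingAjax/%s/%s/ajax_%s.php', $directory, $subdirectory, $file_name);

// Containment check: after resolving the path, the file must still live under the
// handler root of the requested directory. Without this, a crafted `subdirectory`
// could point the loader at a file outside the directory whose access rules were
// applied earlier in this script.
$handler_root  = realpath(G_APPLICATION_BASEPATH . 'invokingAjax/' . $directory);
$resolved_file = realpath($action_file_name);
if ($handler_root === false
    || $resolved_file === false
    || strpos($resolved_file, $handler_root . DIRECTORY_SEPARATOR) !== 0
    || ! is_file($resolved_file)) {
    die( json_encode( array( 'message' => '文件不存在', 'code' => 404 ) ) );
}

// Load the class file (quanli_require is a project helper defined elsewhere).
quanli_require( $action_file_name );

// Instantiate the handler class. Verify that the file really declared the expected
// class with an execute() method, so a mismatch produces the normal JSON error
// instead of a fatal error.
$action_class_name = 'ajax_' . $file_name;
if (! class_exists($action_class_name) || ! method_exists($action_class_name, 'execute')) {
    die( json_encode( array( 'message' => '文件不存在', 'code' => 404 ) ) );
}
$ajax = new $action_class_name ();

// NOTE(review): responses are declared as text/html. If any handler echoes request data
// back inside its output, browsers will render it as markup; confirm whether clients
// would accept application/json here before changing it.
header("Content-type:text/html;charset=utf-8");
$ajax->execute ();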
